Re: ISA and Separating Networks

---

• From: "Chris Guimbellot" <cguimbellot@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Tue, 26 Jul 2005 11:20:19 -0400

---

Steve,

> With SBS2000, you have ISA2000. ISA2000 does not handle multiple nic
> scenarios terribly well. I would *not* recommend attempting to use your
> SBS to provide network management in this fashion.

I understhand. I would rather not do it anyway.

> Have them buy a firewall, and fit it as follows:
>
> Internet -> Cisco Router -> Switch -> SBS external NIC
> -> WAN side of their
> Firewall

This may seem silly, but if I run the cable into the external NIC, where
does the cable that goes into his WAN link come from? The switch? The
internal NIC? I am missing something here.

> The only requirement for this to work is that there be an IP available for
> the WAN side of that firewall. If the Cisco router is providing basic NAT,
> this is certain. If it's actually doing full blown routing, then you just
> need a spare public IP in your block (so your block would need to be at
> least 8 IPs, rather than 4).

I have the router doing my NAT and that is basically it? Are you implying
that I give the firewall (WAN side) an external IP and configure the router
to allow that traffic? I don't know all that much about my router (had to
get a friend to program it the first time, although if I can tell him what I
want, he can do it again). Also, what type of firewall should they look at
buying. I have a SonicWall SOHO here I could let them borrow. Will that
work.

Thanks again,
Chris


.

---

• Follow-Ups:
  • Re: ISA and Separating Networks
    • From: Steve Foster [SBS MVP]

• References:
  • ISA and Separating Networks
    • From: Chris Guimbellot
  • Re: ISA and Separating Networks
    • From: Steve Foster [SBS MVP]

• Prev by Date: Unable to send/receive email messages.
• Next by Date: Re: Wireless in a SBS2k domain
• Previous by thread: Re: ISA and Separating Networks
• Next by thread: Re: ISA and Separating Networks
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Zyxel ZyWall 10 router MADNESS ... Firewall is turned off. ... 192.168.0.10-12 LAN mapped to IPs 192.168.1.10-12 WAN ... No port forwarding is configured (you don't need it if you are mapping ... There is a router on the network at 192.168.1.2 for outside access (but ... (comp.security.firewalls) Re: Just venting (totally OT) ... the ame router to get access to the net! ... I'm paranoid about opening up my firewall "just in case..." ... not visiting dodgy Websites. ... The protection that it does supply is also provided by ... (uk.people.support.depression) Re: Just venting (totally OT) ... how long it plays for because it's all been ripped on to hard disc ... the ame router to get access to the net! ... I'm paranoid about opening up my firewall "just in case..." ... The protection that it does supply is also provided by ... (uk.people.support.depression) Re: What is broken:McAfeee firewall or my router ????? Urgent, ple ... your computer regardless of what McAfee firewall said. ... If your router is ... warned about those ports being available right away if you had any of those ... (microsoft.public.security) Re: What is broken:McAfeee firewall or my router ????? Urgent, ple ... your computer regardless of what McAfee firewall said. ... If your router is ... warned about those ports being available right away if you had any of those ... (microsoft.public.security)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > BackOffice  > microsoft.public.backoffice.smallbiz2000  > 2005-07